IT Unlike Any Other

Mass SQL Injection Attack Hits 1 Million Sites

“To have input validation turned off on their Web servers seems crazy,” he says. “There is literally a script feature on ASP.NET that checks input validation, and it’s on by default. These people have turned it off, and I cannot wrap my head around why they’re turning it off.”

Why would you disable the safety features of your development language, and put them into production like that?